DETAILED ACTION

1. This action is responding to application amendments filed on 7-15-2008.

2. Claims 1 - 32 are pending. Claims 2, 4, 10, 18, 22, 28 have been amended. 
Claims 1, 7, 14, 20, 25 are independent. This application was filed on 10-3-2003. 

Response to Arguments 

3. Applicant's arguments filed 7/15/2008 have been fully considered and were not
persuasive. 

3.1 Claims 2, 4 - 8, 10 - 12, 18, 19, 22 - 24, 28, 29 are allowable. Claims 2, 4, 10, 
18, 22, 28 have been rewritten in independent form including all of the limitations of the
base claims and any intervening claims and therefore are allowable. Claims 5, 6, 11, 
12, 19, 23, 24, 29 are allowable due to dependence on an allowable base. 

Applicant's previous arguments, see Applicant Arguments/Remarks Made in an 
Amendment, filed January 31, 2008, with respect to the rejection(s) of claim(s) 2, 4, 10,
18, 22, 23, 28, 29 under 35 U.S.C. 102(e) as being anticipated by Katz et al. (US
PGPUB No. 20040039938) and under 35 U.S.C. 103(a) as being unpatentable over
Katz-McClure and further in view of MeLampy et al. (US PGPUB No. 20020112073)
have been fully considered and were persuasive. The rejection(s) were previously 
withdrawn. 

In addition, Claim 30 does not include the limitations of the base claims present in
the other proposed independent claims. If rewritten in a similar form, claim 30 will be in
allowable form and is allowed. Applicant has not rewritten claim 30 in independent
form. Therefore, Claim 30 is not allowable in its present form.

3.2 Applicant argues the opening and closing of a port as a security measure, (see 
Remarks Page 18-30) 

Katz discloses controlling the opening and closing of a port in conjunction with a
session initiation and session termination process. The Katz prior art discloses a port
opening on the basis of detecting a communications session initiation and port closings
in conjunction with session closings or termination, (see Katz paragraph [0027], lines 1-
9; paragraph [0033], lines 5-11) Katz discloses communications for network security
and the concept of opening and closing ports in conjunction with a session initiation
procedure and session termination procedure to create a communications structure
equivalent to a pinhole. The session initiation is in conjunction with the opening of a port
and session termination is in conjunction with closing a port. The Katz prior art
discloses monitoring the operation of a system to reach a determination for a delay value
in the opening and closing ports (session communications interface).

Applicant argues the dependent claims. (See Remarks Pages 21-30) The 
rejection of the dependent claims (non allowable claims) is based on the rejection of the 
independent claims and the rejection of the dependent claims' additional claim 
limitations (see Office Action). 

A delay is defined as the time period between two events. Namely, for the
opening of a port event, the delay is the time period between a closed port state and an
open port state. And, for the closing of a port event, the delay is the time period
between an open port state and a closed port state. The Katz prior art discloses a time
calculation for opening a port and closing a port. This time calculation includes a time
delay portion calculation. Katz discloses the calculation of multiple types of delay and
an opening and closing delay is well known in the art. (see Katz paragraphs [0011] and
[0012]: multiple types of delay)

In order to adjust a value, the current state of a value namely the delay time (time 
period between closed and opened states or between opened and closed states) must 
first be determined, and then the value can be adjusted. The Katz prior art discloses 
the determination of a port opening time period and a port closing time period. The 
delay value is the time period for a transition from one state to the next state. 

The Katz prior art discloses a time stamp for communications that pass through a 
communications session (session signaling) interface. The opening of a port is a 
communications initiation function and is the first signal to pass through a 
communications session interface, (see Katz paragraph [0014], lines 4-9; paragraph 
[0016], lines 5-10: time stamp communications processing; paragraph [0013], lines 5-9; 
paragraph [0030], lines 1-4: session signaling, port opening, port closing, 
communications session established, terminated)

3.3 The identification patent number for the rejection based on the Bearden prior art 
has been corrected.



Claim Rejections - 35 USC § 102 



4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1, 3, 7 - 9, 14 - 17, 31 are rejected under 35 U.S.C. 102(e) as being
anticipated by Katz et al. (US PGPUB No. 20040039938). 



With Regards to Claim 1, Katz discloses a method of testing a firewall comprising: 

a) transmitting at least one of a session initiation signal to initiate a communications 
session through said firewall and a session termination signal used to terminate 
an established communications session; (see Katz paragraph [0013], lines 5-9; 
paragraph [0030], lines 1-4: session signaling, port opening, port closing, 
communications session established, terminated) and 

b) monitoring to determine from the time of at least one said transmitted signal at 
least one of a port opening delay which occurs in regard to a session initiation 
signal and opening a port in said firewall for a communications session that is 
being initiated and a port closing delay which occurs in regard to a session 
termination signal and closing a port in said firewall when terminating an
established communications session, (see Katz paragraph [0030], lines 1-4; 
paragraph [0034], lines 1-5; paragraph [0024], lines 5-9: monitor, port opening 
delay, port closing delay, communications acknowledgement, delay 
determination) 

With Regards to Claim 3, Katz discloses the method according to claim 1, wherein 
said at least one of a port opening delay and a port closing delay is a port closing delay, 
(see Katz paragraph [0014], lines 2-8; paragraph [0024], lines 5-9: port closing delay, 
acknowledgement response) 

With Regards to Claim 7, Katz discloses a method of testing a network firewall 
comprising: 

a) transmitting a session signal to terminate an ongoing communications session 
being conducted through at least one port of said firewall; (see Katz paragraph 
[00027], lines 6-9: terminate session, port closing) and 

b) measuring a port closing delay time associated with the closing of said at least 
one port following the transmission of said signal to terminate said 
communications session, (see Katz paragraph [0030], lines 1-4; paragraph 
[0034], lines 1-5: monitor, port opening delay, port closing delay, communications 
acknowledgement; paragraph [0027], lines 6-9: session termination, port closing) 

With Regards to Claim 8, Katz discloses the method of claim 7, wherein said port
closing delay is a time period which occurs between the time a signal used to cause the 
closing of the port is detected and said port ceases to allow communications signals to 
pass through from the first side of said firewall to the second side of said firewall, (see 
Katz paragraph [0027], lines 6-9: port closing (i.e. opening, or closing); paragraph 
[0024], lines 5-9: port closing delay determination) 

With Regards to Claim 9, Katz discloses the method according to claim 8, further 
comprising the steps of: transmitting test signals at said port prior to the closing of said 
port; and monitoring the port to determine when said test signals cease passing through 
said port, (see Katz paragraph [0024], lines 5-9: time period to measure response 
acknowledgement, port closing delay) 

With Regards to Claim 14, Katz discloses a method of testing a network firewall, 
comprising: 

a) transmitting a session signal to initiate a communications session to be 
conducted through said firewall; (see Katz paragraph [0031], lines 2-4: session 
initiation) 

b) transmitting test signals to at least one port on a first side of said firewall; (see 
Katz paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: port opening, 
closing signals) 

c) determining a time when said test signals first pass through said at least one port, 



Application/Control Number: 10/679,222 Page 8 

Art Unit: 2436 

said at least one port being opened in response to said signal to initiate a 
communications session; (see Katz paragraph [0030], lines 1-4: time parameter 
utilized to open session) and 
d) determining a port opening delay which occurs in regard to opening a port in said 
firewall for said communications session from said determined time, (see Katz 
paragraph [0024], lines 5-9: port opening delay, acknowledgement response, 
delay determination) 

With Regards to Claim 15, Katz discloses the method of claim 14, wherein said port 
opening delay is a time period which occurs between a time a signal used to cause the 
port for said communications session to open is detected and said port allows a signal 
to pass through from the first side of said firewall to the second side of said firewall, (see 
Katz paragraph [0024], lines 5-9: signal, acknowledgment sequence) 

With Regards to Claim 16, Katz discloses the method according to claim 15, further 
comprising the step of: 

a) transmitting another session signal to terminate said communications session; 
(see Katz paragraph [0027], lines 6-9: terminate close session) and 

b) monitoring a port closing delay time corresponding to a port closing delay which 
occurs in regard to closing the port in said firewall that was opened for said 
communications session, (see Katz paragraph [0030], lines 1-4; paragraph 
[0034], lines 1-5: monitor, port opening delay, port closing delay, communications 
acknowledgement, delay determination)

With Regards to Claim 17, Katz discloses the method of claim 16, wherein said 
port closing delay is a time period which occurs between the time a signal used 
to cause the closing of the port is detected and said port ceases to allow 
communications signals to pass through from the first side of said firewall to the 
second side of said firewall, (see Katz paragraph [0024], lines 5-9; paragraph 
[0027], lines 6-9: determine delay, port closing communications session 
terminated) 

With Regards to Claim 31, Katz discloses the method of claim 30, further comprising:
determining the session signal rate, which results in a maximum acceptable port closing 
delay being exceeded, (see Katz paragraph [0024], lines 5-9; paragraph [0025], lines 7- 
9: predetermined value for delay) 

6. Claims 13, 32 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Katz in view of MeLampy et al. (US PGPUB No. 20020112073).

With Regards to Claims 13, 32, Katz discloses the method of claims 7, 31. (see Katz
paragraph [0013], lines 5-9; paragraph [0030], lines 1-4: port opening, closing) Katz 
does not specifically disclose wherein said session signal is at least one of SIP and 
H.323 compliant signals. However, MeLampy in the same field of endeavor, 
communications (i.e. open, close) port processing, discloses wherein said session
signal is at least one of SIP and H.323 compliant signals, (see MeLampy paragraph 
[0065], lines 1-11; paragraph [0077], lines 1-4; paragraph [0077], lines 10-18; paragraph 
[0085], lines 2-6: session signaling, SIP, H.323) 

It would have been obvious to one of ordinary skill in the art to modify Katz 
whereby a session signal is a SIP and/or H.323 compliant signals as taught by 
MeLampy. One of ordinary skill in the art would have been motivated to employ the 
teachings of MeLampy in order to enable the efficient interoperation of a network type 
switch based on standards for networks communications interoperability, (see 
MeLampy paragraph [0027], lines 9-15: " ... For example, to enable proper routing, 
each Softswitch would have to share information about circuit availability to ensure 
proper route-around functionality as the network becomes full. Since there are currently 
no standards for accomplishing this, vendors have been building proprietary methods; 
and these proprietary methods may not interoperate correctly. ...")

6. Claims 20, 21, 25, 26, 27 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Katz in view of McClure et al. (US PGPUB No. 20030195861). 

With Regards to Claim 20, Katz discloses a firewall test apparatus, comprising: 
a) a session signaling module for generating session signals used to initiate a 
communications session to be conducted through a firewall to be tested and to 
terminate a communications session after it has been initiated; (see Katz 
paragraph [0026], lines 1-4; paragraph [0027], lines 6-9: initiate communication
session (i.e. port open) and terminate communications session (i.e. port close)) 

c) a timing synchronization module for synchronizing operation of said firewall test 
apparatus to at least one of an external clock source and another firewall test 
apparatus; (see Katz paragraph [0015], lines 6-9: time synchronization) and 

Katz discloses wherein an analysis module for determining at least a port closing 
delay from a session signal time, and detected to stop passing through a port in said 
firewall, (see Katz paragraph [0024], lines 5-9: port closing delay; paragraph [0027],
lines 6-9: terminate (i.e. stop) communications session; paragraph [0036], lines 1-2; 
paragraph [0036], lines 6-12: software, module) Katz does not specifically disclose 
a scanning probe generation module for generating probe signals to be directed at 
firewall ports, and time probe signals. 

However, McClure in the same field of endeavor, communications (i.e. open, close) 
port processing, discloses: 

b) a scanning probe generation module for generating probe signals to be directed 
at firewall ports; (see McClure paragraph [0041], lines 11-16; paragraph [0162], 
lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 1-4: probe signal 
capability, port scanning capability) 

d) a time probe signals, (see McClure paragraph [0041], lines 11-16; paragraph 
[0162], lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 1-4: probe 
signal capability, port scanning capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz to 
enable a scanning probe generation module, and time probe signals as taught by
McClure. One of ordinary skill in the art would have been motivated to employ the
teachings of McClure in order to enable a quantitative method to objectively
compare the security of network systems, (see McClure paragraph [0009], lines 1-
11: "... Existing testing methods lack a standard, quantitative method for objectively
comparing the security of a target network or target computer to other systems.
Typically, a target network or target computer is ranked only as "high risk," "medium
risk," or "low risk." However, such a three-tier system alone provides very little
substantive feedback or comparative information about changes in the network over
time, the relative weight of different vulnerabilities in determining the resulting risk
level, or objective assessments of network security among otherwise heterogeneous
network environment.")

With Regards to Claim 21, Katz discloses the firewall test apparatus of claim 20, 
wherein said analysis module further includes means for determining at least a port 
opening delay from a session signal time associated with a session signal used to 
initiate a communications session, (see Katz paragraph [0024], lines 5-9: port opening 
delay) Katz does not specifically disclose time probe signals. However, McClure in 
the same field of endeavor, communications (i.e. open, close) port processing, 
discloses wherein time probe signals, (see McClure paragraph [0041], lines 11-16; 
paragraph [0162], lines 8-12; paragraph [0171], lines 1-4; paragraph [0172], lines 1-4: 
probe signal capability, port scanning capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz for time
probe signals to start passing through a port as taught by McClure. One of ordinary skill 
in the art would have been motivated to employ the teachings of McClure in order to 
enable a quantitative method to objectively compare the security of network systems, 
(see McClure paragraph [0009], lines 1-11) 

With Regards to Claim 25, Katz discloses a firewall test system for testing a firewall, 
comprising:

Katz discloses wherein a test signal generator for generating communications 
session initiation signals. And, a test signal analyzer for detecting probe signals 
passing through said first side of said firewall to said second side of said firewall and 
for determining port closing delays as measured from the time the test signal 
analyzer detects a signal used to close a port in said firewall and said analyzer 
ceases to detect test signals passing through said firewall (see Katz paragraph 
[0013], lines 5-9; paragraph [0026], lines 1-4: test signals to communications session 
initiation signals, port open) Katz does not specifically disclose probe signals 
directed at a first side of said firewall. 

However, McClure in the same field of endeavor, communications (i.e. open, close) 
port processing, discloses: 

a) probe signals directed at a first side of said firewall; (see McClure paragraph 
[0041], lines 11-16; paragraph [0162], lines 8-12; paragraph [0171], lines 1-4; 
paragraph [0172], lines 1-4: probe signal capability, port scanning capability) 

b) probe signals (see Katz paragraph [0027], lines 6-9; paragraph [0024], lines 5-9:
port open, close delays) 
It would have been obvious to one of ordinary skill in the art to modify Katz for 
probe signals as taught by McClure. One of ordinary skill in the art would have been 
motivated to employ the teachings of McClure in order to enable a quantitative 
method to objectively compare the security of network systems, (see McClure 
paragraph [0009], lines 1-11) 



With Regards to Claim 26, Katz discloses the firewall test system of claim 25, wherein 
said test signal generator further includes: means for establishing a communications 
session through said firewall using session initiation signals, (see Katz paragraph 
[0026], lines 1-4: signal generation, establish communication session, port open; 
paragraph [0036], lines 1-2; paragraph [0036], lines 6-12: software, implementation 
means) Katz does not specifically disclose said probe signals. However, McClure in 
the same field of endeavor, communications (i.e. open, close) port processing, 
discloses wherein prior to transmitting at least some of said probe signals, (see 
McClure paragraph [0041], lines 11-16; paragraph [0162], lines 8-12; paragraph [0171], 
lines 1-4; paragraph [0172], lines 1-4: probe signal capability, port scanning capability) 

It would have been obvious to one of ordinary skill in the art to modify Katz for said 
probe signals as taught by McClure. One of ordinary skill in the art would have been 
motivated to employ the teachings of McClure in order to enable a quantitative method 
to objectively compare the security of network systems, (see McClure paragraph 
[0009], lines 1-11)

With Regards to Claim 27, Katz discloses the firewall test system of claim 26, wherein
said test signal generator includes means for synchronizing test signal generation to an 
outside clock source; and wherein said signal analyzer includes means for 
synchronizing device operation with said outside clock source, (see Katz paragraph 
[0015], lines 6-9; paragraph [0032], lines 1-12: clock (i.e. synchronization) based 
operations performed) 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carlton V. Johnson whose telephone number is
571-270-1032. The examiner can normally be reached on Monday thru Friday, 8:00 -
5:00PM EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Nasser G Moazzami/ Carlton V. Johnson 

Supervisory Patent Examiner, Art Unit 2436 Examiner 

Art Unit 2436 



CVJ 

October 14, 2008 



